Fantastic!
We’re up and running!
Thanks again to all for your help!
Darryl
From: Louis Munro [mailto:lmu...@inverse.ca]
Sent: Friday, April 28, 2017 5:46 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Captive portal SSL not using defined cert
after PF7 upgrade
> On Apr 28, 2017, at 5:25 PM, Sokolowski, Darryl wrote:
>
> Oh, ok, now I understand what Fabrice meant about haproxy terminating the ssl
> tunnel. Thanks for that explanation.
> Sorry, I didn’t pick that up right away.
>
> I changed var/conf/haproxy.conf to point at my certificates, and eve
Oh, ok, now I understand what Fabrice meant about haproxy terminating the ssl
tunnel. Thanks for that explanation.
Sorry, I didn't pick that up right away.
I changed var/conf/haproxy.conf to point at my certificates, and every time I
restart the service, it rewrites haproxy.conf file back to usi
A bit of background seems in order.
In PF 7.0 HAProxy sits in front of the httpd process for the portal.
HAProxy terminates the TLS connection, not httpd.
So you must tell HAProxy where to find your server certificate and key.
Look at the var/conf/haproxy.conf.
You will find the lines that conf
Hi i have got a working PF ZEN version 7 server going and its working
great. I would like to Hardcode the SMS provider and hiide the field on the
HTML form. I searched this group and fond soulution but they seem to be for
earlier versions of Packetfence and dint seem to apply to version 7. I do
not
Hello,
I am exactly in the same case.
Here is the content of
/usr/local/pf/conf/httpd.conf.d/ssl-certificates.conf :
/# Apache SSL certificates configuration//
//# This file is manipulated on PacketFence's startup before being given
to Apache//
//SSLCertificateFile %%install_dir%%/conf/ssl/c
Hello Darryl,
what did you do exactly ?
Regards
Fabrice
Le 2017-04-27 à 12:06, Sokolowski, Darryl a écrit :
>
> Thanks Fabrice,
>
> I concatenated my server certificate and server key as suggested and
> restarted pf, but unfortunately when I access the portal page, I am
> still getting the ce
Hello Mikhail,
follow the guide section 4.8.6
(https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html)
and be sure that you configured dynamic-author.
Then on the PacketFence side in your switch config select Radius as
deauth method.
Also have a look at pfqueue.log to s
Hi there again,
Thanks for the previous advice. We've given it to our dev department.
One thing that's bothering us upon deployment is the fact that changes on
packetfence (a registration, change of VLAN) are not applied until the
switch asks radius to authenticate the mac address again, so usual